package com.bailian.web.interceptor;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.List;

/**
 * Web端认证拦截器
 * 处理管理后台的认证逻辑
 * 
 * @author bailian
 */
@Component
public class WebAuthInterceptor implements HandlerInterceptor {

    // Web端不需要认证的路径
    private static final List<String> EXCLUDE_PATHS = Arrays.asList(
            // 登录相关
            "/login",
            "/captchaImage",
            "/register",
            "/getInfo",
            "/getRouters",
            "/logout",
            // 静态资源
            "/css/",
            "/js/",
            "/images/",
            "/fonts/",
            "/favicon.ico",
            // 健康检查
            "/actuator/health",
            "/actuator/info"
    );

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestURI = request.getRequestURI();
        
        // 检查是否为排除路径
        for (String excludePath : EXCLUDE_PATHS) {
            if (requestURI.startsWith(excludePath)) {
                return true;
            }
        }
        
        // TODO: 实现web端的token验证逻辑
        // 这里应该调用admin模块的认证服务
        // 暂时返回true，避免阻塞开发
        
        return true;
    }
} 